Route Origin Authorization
$ rpki-client -vvf rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c9762274-c916-4e75-a8ee-f0e4966bd488.roa
File: c9762274-c916-4e75-a8ee-f0e4966bd488.roa (raw, json)
Hash identifier: RuAuCM7Y1YZP/bD/ptA+gefR01Q/PtR0crbVAGZg7vU=
Subject key identifier: 65:3E:F7:03:4E:9D:06:75:29:17:25:62:39:34:F2:68:6A:B6:21:55
Certificate issuer: /CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Certificate serial: 2EAFD788AC9C67185807AD12E2F25D03BFEE08F3
Authority key identifier: 8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject info access: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c9762274-c916-4e75-a8ee-f0e4966bd488.roa
Signing time: Sat 18 Oct 2025 04:30:25 +0000
ROA not before: Sat 18 Oct 2025 04:30:25 +0000
ROA not after: Sat 22 Nov 2025 23:59:59 +0000
asID: 16509
IP address blocks: 2a05:d07b:9000::/40 maxlen: 48
Validation: OK
Signature path: rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.mft
rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Tue 21 Oct 2025 09:00:58 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
2e:af:d7:88:ac:9c:67:18:58:07:ad:12:e2:f2:5d:03:bf:ee:08:f3
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=8b6263dbe9799dd6793e0e882ad21cb4849970bc
Validity
Not Before: Oct 18 04:30:25 2025 GMT
Not After : Nov 22 23:59:59 2025 GMT
Subject: serialNumber=64ece31cb35b45debb89d6e70f671e516da7c76de26dfca01f6c9abdb2b221a9, CN=6615a38b-3ad7-47b7-8fb2-685c38d00914
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:b0:b1:8e:8e:92:3e:91:6a:a5:16:af:b2:96:d5:
e1:f8:dc:6a:52:7a:5f:7d:aa:69:65:04:6a:44:a4:
f6:e5:3c:a3:40:e4:84:ee:f8:ce:02:59:88:00:50:
1b:da:90:49:02:35:f4:74:51:87:a6:12:83:6b:fe:
6a:24:0d:88:6b:41:46:93:c7:4c:46:8e:ee:cb:f8:
a6:ce:d1:10:93:86:f8:e8:04:5e:eb:c8:16:ca:43:
f7:f5:3f:ca:9e:79:73:80:a8:5b:49:ce:f6:50:59:
c2:2f:a2:f6:99:43:61:78:c6:9a:98:ad:f2:d4:eb:
29:9c:18:fb:ba:04:16:07:65:6d:7b:cf:7e:70:29:
27:71:97:84:81:c4:37:5a:87:0f:7d:3e:19:73:8c:
7e:61:42:64:25:84:02:0d:9d:de:10:58:64:db:f8:
ef:eb:a4:26:9a:d9:02:5a:0c:ef:9e:e5:e9:36:c6:
86:aa:38:29:74:62:43:ad:75:8c:88:dd:5d:b3:a1:
91:b1:fb:44:30:86:89:13:98:6b:19:d9:2d:3e:e2:
69:13:c0:33:45:be:5a:26:dc:36:1b:a7:21:ef:a7:
49:b6:ca:dc:0f:bc:72:c7:3b:08:73:47:8c:67:0b:
f6:69:6c:37:2a:30:da:45:2b:39:0f:09:2b:28:0d:
f7:cd
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
65:3E:F7:03:4E:9D:06:75:29:17:25:62:39:34:F2:68:6A:B6:21:55
X509v3 Authority Key Identifier:
keyid:8B:62:63:DB:E9:79:9D:D6:79:3E:0E:88:2A:D2:1C:B4:84:99:70:BC
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/i2Jj2-l5ndZ5Pg6IKtIctISZcLw.cer
Subject Information Access:
Signed Object - URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/c9762274-c916-4e75-a8ee-f0e4966bd488.roa
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki-rsync.us-east-2.amazonaws.com/volume/dba8f01c-9669-44a3-ac6e-db2edb099b84/uODatdtYc1HrhtUQVQyrDK08GeI.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv6:
2a05:d07b:9000::/40
Signature Algorithm: sha256WithRSAEncryption
50:48:d9:b9:c2:ed:c5:a4:35:56:ee:89:e8:c6:25:66:ee:67:
a0:7d:9d:1d:d4:e5:b0:9a:bd:f8:fe:12:48:3a:88:4c:30:0b:
78:96:75:2b:c1:ce:08:f9:2a:d2:d6:41:60:0c:8b:c7:e6:03:
ed:a2:7a:15:54:6d:20:dc:14:b7:34:58:8a:d2:57:bd:eb:99:
09:03:ff:1c:ea:27:1d:2b:6a:40:ae:ee:3e:ba:a3:16:3c:fd:
0a:14:e1:22:59:bf:69:eb:dd:73:9a:ac:03:dd:3f:d5:77:9c:
7c:24:bf:85:c3:56:de:20:dd:e2:49:28:2d:8f:6f:86:f4:21:
3c:dd:e9:c8:80:13:ab:9c:14:5c:49:90:fc:b8:c9:81:53:ef:
ba:80:da:ce:57:90:e9:30:a6:d4:f1:ac:aa:6e:bc:85:6e:62:
d6:10:d6:6c:a6:64:e6:83:2d:5a:86:bd:7e:03:4d:62:db:02:
b4:03:65:29:3f:7c:01:c2:93:c8:19:93:d6:59:7d:9b:f5:fb:
f4:d6:bd:6a:6d:26:df:f5:3f:e0:db:40:9a:b2:89:72:7a:c1:
42:19:3a:d8:b6:96:86:30:df:a2:e7:5c:81:4f:53:bb:cd:29:
f9:07:38:e5:01:93:a1:a2:69:77:2e:31:36:ac:c1:29:e0:13:
29:ed:10:12
-----BEGIN CERTIFICATE-----
MIIFYDCCBEigAwIBAgIULq/XiKycZxhYB60S4vJdA7/uCPMwDQYJKoZIhvcNAQEL
BQAwMzExMC8GA1UEAxMoOGI2MjYzZGJlOTc5OWRkNjc5M2UwZTg4MmFkMjFjYjQ4
NDk5NzBiYzAeFw0yNTEwMTgwNDMwMjVaFw0yNTExMjIyMzU5NTlaMHoxSTBHBgNV
BAUTQDY0ZWNlMzFjYjM1YjQ1ZGViYjg5ZDZlNzBmNjcxZTUxNmRhN2M3NmRlMjZk
ZmNhMDFmNmM5YWJkYjJiMjIxYTkxLTArBgNVBAMTJDY2MTVhMzhiLTNhZDctNDdi
Ny04ZmIyLTY4NWMzOGQwMDkxNDCCASIwDQYJKoZIhvcNAQEBBQADggEPADCCAQoC
ggEBALCxjo6SPpFqpRavspbV4fjcalJ6X32qaWUEakSk9uU8o0DkhO74zgJZiABQ
G9qQSQI19HRRh6YSg2v+aiQNiGtBRpPHTEaO7sv4ps7REJOG+OgEXuvIFspD9/U/
yp55c4CoW0nO9lBZwi+i9plDYXjGmpit8tTrKZwY+7oEFgdlbXvPfnApJ3GXhIHE
N1qHD30+GXOMfmFCZCWEAg2d3hBYZNv47+ukJprZAloM757l6TbGhqo4KXRiQ611
jIjdXbOhkbH7RDCGiROYaxnZLT7iaRPAM0W+WibcNhunIe+nSbbK3A+8csc7CHNH
jGcL9mlsNyow2kUrOQ8JKygN980CAwEAAaOCAiMwggIfMB0GA1UdDgQWBBRlPvcD
Tp0GdSkXJWI5NPJoarYhVTAfBgNVHSMEGDAWgBSLYmPb6Xmd1nk+Dogq0hy0hJlw
vDAOBgNVHQ8BAf8EBAMCB4AwZAYIKwYBBQUHAQEEWDBWMFQGCCsGAQUFBzAChkhy
c3luYzovL3Jwa2kucmlwZS5uZXQvcmVwb3NpdG9yeS9ERUZBVUxUL2kySmoyLWw1
bmRaNVBnNklLdEljdElTWmNMdy5jZXIwgZ4GCCsGAQUFBwELBIGRMIGOMIGLBggr
BgEFBQcwC4Z/cnN5bmM6Ly9ycGtpLXJzeW5jLnVzLWVhc3QtMi5hbWF6b25hd3Mu
Y29tL3ZvbHVtZS9kYmE4ZjAxYy05NjY5LTQ0YTMtYWM2ZS1kYjJlZGIwOTliODQv
Yzk3NjIyNzQtYzkxNi00ZTc1LWE4ZWUtZjBlNDk2NmJkNDg4LnJvYTCBiAYDVR0f
BIGAMH4wfKB6oHiGdnJzeW5jOi8vcnBraS1yc3luYy51cy1lYXN0LTIuYW1hem9u
YXdzLmNvbS92b2x1bWUvZGJhOGYwMWMtOTY2OS00NGEzLWFjNmUtZGIyZWRiMDk5
Yjg0L3VPRGF0ZHRZYzFIcmh0VVFWUXlyREswOEdlSS5jcmwwGAYDVR0gAQH/BA4w
DDAKBggrBgEFBQcOAjAhBggrBgEFBQcBBwEB/wQSMBAwDgQCAAIwCAMGACoF0HuQ
MA0GCSqGSIb3DQEBCwUAA4IBAQBQSNm5wu3FpDVW7onoxiVm7megfZ0d1OWwmr34
/hJIOohMMAt4lnUrwc4I+SrS1kFgDIvH5gPtonoVVG0g3BS3NFiK0le965kJA/8c
6icdK2pAru4+uqMWPP0KFOEiWb9p691zmqwD3T/Vd5x8JL+Fw1beIN3iSSgtj2+G
9CE83enIgBOrnBRcSZD8uMmBU++6gNrOV5DpMKbU8ayqbryFbmLWENZspmTmgy1a
hr1+A01i2wK0A2UpP3wBwpPIGZPWWX2b9fv01r1qbSbf9T/g20CasolyesFCGTrY
tpaGMN+i51yBT1O7zSn5BzjlAZOhoml3LjE2rMEp4BMp7RAS
-----END CERTIFICATE-----
Generated at Mon Oct 20 12:52:17 2025 by rpki-client